Incremental Development of large, secure Smart Card Applications

Nina Moebius, Kurt Stenzel, Marian Borek and Wolfgang Reif

SecureMDD is a model-driven approach to develop security-critical applications. The focus lies on the development of smart card and service applications. Those are inherently security-critical and are based on cryptographic protocols. These protocols are difficult to design and error-prone. To guarantee the security of an application, formal verification is an inherent part of our software engineering approach. In this paper we illustrate that the SecureMDD approach is applicable for the development of large and complex applications as well. To handle the size and complexity, an incremental development method is suggested. This is illustrated with the german electronic health card application as case study.
published 2012 Proceedings of Model-Driven Security Workshop 2012, ACM Digital Library